Category: Web Application Attack

A CSRF attack, or Cross-Site Request Forgery, is a web application vulnerability that allows an attacker to mislead or induce the user to perform some action on the application that they don’t want to perform. In simple words, the attacker forces the…

There are many people who are new to bug bounty. Most of them are stuck on what to do and what the first thing they should perform is. I will say there is no first thing or best method. Everyone has different…

So far we know how to connect to the application, find some useful information and understand the application. We have also found some basic vulnerabilities for our report, like server information in response headers, if sensitive information is…

So far in web application testing, we have looked at the footprinting step. Now we will use Burp Suite and try to do some information gathering about how the application works. This is the most important part of web…

Web Application Pentesting: I am going to show you how to do web application pentesting in the real world and what you need to add to your report, and we will discuss the OWASP Testing Guide v4. We will try to follow the…

WordPress is one of the most popular CMSs and captures around 60% of the CMS market. There are many reasons to use it: it is easy to use, does not take much hard work, is good for blogs and allows nontechnical people to set up…

Directory traversal is another critical web application vulnerability, which arises from a lack of validation on the server side. Directory traversal allows an attacker to change the directory on the server and read the content of other directories.…

Lots of people are interested in bug bounty: how to start, where to learn, how much time it will take and all the other things. If you are not familiar with bug bounty, then bug bounty is like a freelancer big companies…

HTTP Headers: HTTP headers are the most common thing in a web application. When you visit a website, your browser sends a request to the server, and the server responds to your request with an HTTP response. When your browser sends…